PT-2025-11146 · Gitlab · Gitlab Ce/Ee

Published

2025-03-12

Updated

2025-03-15

CVE-2024-13054

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 17.7.7 GitLab CE/EE version 17.8 prior to 17.8.5 GitLab CE/EE version 17.9 prior to 17.9.2

Description: An issue was discovered in GitLab CE/EE where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions.

Recommendations: For GitLab CE/EE versions prior to 17.7.7, update to version 17.7.7 or later. For GitLab CE/EE version 17.8 prior to 17.8.5, update to version 17.8.5 or later. For GitLab CE/EE version 17.9 prior to 17.9.2, update to version 17.9.2 or later.

Exploit

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

BDU:2025-03646

BIT-GITLAB-2024-13054

CVE-2024-13054

Affected Products

Gitlab Ce/Ee

PT-2025-11146 · Gitlab · Gitlab Ce/Ee

CVE-2024-13054

Weakness Enumeration

Related Identifiers

Affected Products

References · 15